Zimbra Panel - Detect

What is the "Zimbra Panel - Detect" module?

The "Zimbra Panel - Detect" module is designed to detect the presence of the Zimbra panel, a software used for messaging and collaboration. Zimbra provides open source server and client software, and this module helps identify instances of the Zimbra panel for further analysis.

This module has an informative severity level, meaning it provides valuable information but does not indicate a vulnerability or misconfiguration.

Author: dhiyaneshDk, idealphase

Impact

This module does not have a direct impact on the target system. It is used solely for detection purposes and does not perform any actions that could potentially harm the system.

How does the module work?

The "Zimbra Panel - Detect" module works by sending an HTTP GET request to the target system's "/zimbraAdmin/" path. It then applies two matching conditions to determine if the Zimbra panel is present:

- The module checks if the response body contains the "" string. - The module verifies that the response status code is 200 (OK).

If both conditions are met, the module identifies the presence of the Zimbra panel.

Example HTTP request:

GET /zimbraAdmin/ HTTP/1.1
Host: [target_host]

Matching conditions:

- Response body must contain the string "<title>Zimbra Administration</title>". - Response status code must be 200.

For more information, you can refer to the Exploit Database.